by Shawn Duffy | Sep 9, 2022 | CMMC 2.0, Assessments, Blog, CMMC, Compliance, Incidence Response, risk assessment, Security Awareness Training
If you’re a defense industrial base (DIB) contractor, you’re already aware you need to meet compliance requirements in the new CMMC system, which goes live May 2023. Most government contractors are required to meet CMMC Level 2. The bad news is that it...
by Shawn Duffy | Nov 30, 2021 | CMMC, Blog, Compliance, Department of Defense, SPRS
As CMMC continues to mature, we want to ensure you keep up to date with the latest news, and we want to help your organization meet the DoD Interim Rule while it remains in effect. Large prime contractor companies like General Dynamics, Northrop Grumman, and Raytheon...
by Shawn Duffy | Nov 9, 2021 | CMMC, Assessments, Blog, CMMC 2.0, Department of Defense, DFARS, DOD, News, POA&M, SPRS, vulnerability
As you may have seen last week, the new CMMC 2.0 has been released, which reverts us back to the NIST 800-171 set of security controls and families. It also allows for both a Plan of Actions & Milestones (POA&M) and self-assessments. This is great news for...
by Shawn Duffy | Sep 28, 2021 | CMMC, C3PAO, RPO
Government contractors are figuring out that bidding or working on non-public government contracts, eventually, they will need to be compliant. Right now, that consists of working toward CMMC certification and self-assessing compliance status through the Supplier...
by Shawn Duffy | Aug 26, 2021 | Blog, CMMC, Compliance, Cybersecurity, IaaS, News, PaaS
Dedicated enclave solutions are popping up in the form of Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). In both cases, someone else builds, manages, and monitors a cloud-based environment, in some cases, one that was designed to meet regulatory...
by Shawn Duffy | Jun 29, 2021 | CMMC, Blog
A note from the president of Duffy Compliance, Shawn Duffy As the Cybersecurity Maturity Model Certification (CMMC) process continues to roll out, and businesses learn what is involved in all five levels, some requirements will look familiar, and some will not. At...